Radiant Capital Hacker Transfers Nearly $52M in Stolen Crypto to Ethereum: Data
The strategy resembles tactics seen in past crypto heists, casting doubt on recovery as the funds could soon be laundered through mixers.
The person behind the recent Radiant Capital exploit has reportedly moved nearly all of the stolen crypto, valued at about $52 million, from Layer-2 networks to Ethereum.
Blockchain security firm PeckShield shared the information on October 24, further dampening any hopes of recovering the funds.
Attacker Almost Done Bridging Stolen Funds
According to PeckShield, the attacker’s on-chain footprint showed they had bridged about 20,500 ETH tokens from Arbitrum and Binance’s BNB Chain to Ethereum. The funds were part of the October 16 attack that compromised Radiant Capital’s smart contracts.
Another blockchain security company, Ancilia Inc., was the first to detect the suspicious activity, which initially resulted in the loss of at least $18 million worth of crypto assets from Radiant’s liquidity pool on the Binance network. The hacker then extended the attack to the decentralized finance (DeFi) protocol’s pool on Arbitrum, further escalating the losses.
A post-mortem of the attack showed that the perpetrator gained control by compromising a multi-signature wallet that secured Radiant’s funds. They were then able to obtain the private keys of three out of eleven signers, giving them the ability to upgrade the platform’s contracts and transfer ownership.
It enabled the bad actor to drain several trading pools, including those holding popular assets such as USDC, USDT, wBTC, wETH, and BNB.
Recovery Efforts in Jeopardy?
The October 16 incident is the second time hackers have targeted Radiant this year. In January, the DeFi platform lost $4.5 million due to a vulnerability in its smart contract.
The company has since engaged with U.S. law enforcement, including the FBI, and partnered with cybersecurity outfits like SEAL911 and ZeroShadow in an attempt to recover the stolen money.
However, the thief’s move to Ethereum suggests they may be trying to hide their trail, making recovery efforts that much harder. Further, Radiant has admitted that, given the sophistication of the execution, even the increased security measures it has now put in place may not have been enough to prevent the exploit.
Moving funds to Ethereum is often the last step before criminals launder stolen money through crypto mixers like Tornado Cash. CryptoPotato has reported such incidents in the past, including the infamous $235 million WazirX hacker who transferred their illicit gains in batches since they stole it in mid-July.
Disclaimer: The content of this article solely reflects the author's opinion and does not represent the platform in any capacity. This article is not intended to serve as a reference for making investment decisions.
You may also like
Court dismisses appeal in $18M crypto fraud lawsuit
Crypto gains help low-income households secure mortgages
Bitcoin dips 2% as Jim Cramer backs crypto in portfolios
OpenAI tool leaked by beta testers citing unpaid work